authorPavel Zuna <pzuna@redhat.com>2009-04-06 16:11:02 +0200
committerRob Crittenden <rcritten@redhat.com>2009-04-06 11:23:25 -0400
commit82bc30d17e2dc26bbb1de60b5962739310b730db (patch)
treeed79b81d3b09fc191e14e1ba224e01b651a8f01b /ipaserver
parentdc3547cd7b8ea0c12672a2f027b096a11d0c1bac (diff)
Use full OID for LDAP SYNTAX identification. Don't convert Booleans and Integers into respective python types as their ranges might not match. Rename module-scope functions.
Diffstat (limited to 'ipaserver')
-rw-r--r--ipaserver/plugins/ldap2.py44
1 files changed, 20 insertions, 24 deletions
diff --git a/ipaserver/plugins/ldap2.py b/ipaserver/plugins/ldap2.py
index 6df01f2a8..ca0849024 100644
--- a/ipaserver/plugins/ldap2.py
+++ b/ipaserver/plugins/ldap2.py
@@ -49,23 +49,20 @@ from ipalib.crud import CrudBackend
# attribute syntax to python type mapping, 'SYNTAX OID': type
# everything not in this dict is considered human readable unicode
-# instead of using the whole OID, we can just use the last number
-# for standard syntaxes
-# FIXME: if we're going to use non-standard syntaxes, this needs to change
_syntax_mapping = {
- '1': str, # ACI Item
- '4': str, # Audio
- '5': str, # Binary
- '7': bool, # Boolean
- '8': str, # Certificate
- '9': str, # Certificate List
- '10': str, # Certificate Pair
- '23': str, # Fax
- '27': int, # Integer
- '28': str, # JPEG
- '40': str, # OctetString (same as Binary)
- '49': str, # Supported Algorithm
- '51': str, # Teletext Terminal Identifier (not sure about this one)
+ '1.3.6.1.4.1.1466.115.121.1.1': str, # ACI item
+ '1.3.6.1.4.1.1466.115.121.1.4': str, # Audio
+ '1.3.6.1.4.1.1466.115.121.1.5': str, # Binary
+ '1.3.6.1.4.1.1466.115.121.1.7': str, # Boolean
+ '1.3.6.1.4.1.1466.115.121.1.8': str, # Certificate
+ '1.3.6.1.4.1.1466.115.121.1.9': str, # Certificate List
+ '1.3.6.1.4.1.1466.115.121.1.10': str, # Certificate Pair
+ '1.3.6.1.4.1.1466.115.121.1.23': str, # Fax
+ '1.3.6.1.4.1.1466.115.121.1.27': str, # Integer, might not fit into int
+ '1.3.6.1.4.1.1466.115.121.1.28': str, # JPEG
+ '1.3.6.1.4.1.1466.115.121.1.40': str, # OctetString (same as Binary)
+ '1.3.6.1.4.1.1466.115.121.1.49': str, # Supported Algorithm
+ '1.3.6.1.4.1.1466.115.121.1.51': str, # Teletext Terminal Identifier
}
# used to identify the Uniqueness plugin error message
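Review bot: Mapping the Boolean syntax (`1.3.6.1.4.1.1466.115.121.1.7`) to `str` means a Boolean attribute now reaches callers as the literal string 'TRUE' or 'FALSE', and 'FALSE' is truthy in Python, so a caller that tests such a value with a plain `if` would read a cleared flag as set. The callers are not visible in this diff, so this needs checking against them. At minimum the entry should carry the caveat, for example `'1.3.6.1.4.1.1466.115.121.1.7': str, # Boolean, kept as 'TRUE'/'FALSE'; compare explicitly`. The header comment still describes a "python type mapping" although every entry is now `str`; it could say instead that the dict lists the syntaxes whose values are passed through without unicode decoding.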
@@ -73,14 +70,14 @@ _uniqueness_plugin_error = 'Another entry with the same attribute value already
# utility function, builds LDAP URL string
-def get_ldap_url(host, port, using_cacert=False):
+def _get_url(host, port, using_cacert=False):
if using_cacert:
return 'ldaps://%s:%d' % (host, port)
return 'ldap://%s:%d' % (host, port)
# retrieves LDAP schema from server
-def load_schema(host, port):
- url = get_ldap_url(host, port)
+def _load_schema(host, port):
+ url = _get_url(host, port)
try:
conn = _ldap.initialize(url)
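Review bot: `_load_schema` builds its URL with `_get_url(host, port)` and never passes `using_cacert`, so the schema is always requested over plain `ldap://`, even when the data connection uses `ldaps://`. The schema decides in the decode path which attribute values are decoded as text and which are left as raw bytes, so it should travel over the same protected channel as the entries. One option is `def _load_schema(host, port, using_cacert=False):` with `url = _get_url(host, port, using_cacert)`, passing the flag from both call sites (the module-level cache and the reload in the connect path). The body of `_load_schema` continues outside this hunk, so whether TLS is arranged there some other way cannot be seen from here.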
@@ -101,7 +98,7 @@ def load_schema(host, port):
# cache schema when importing module
-_schema = load_schema(api.env.ldap_host, api.env.ldap_port)
+_schema = _load_schema(api.env.ldap_host, api.env.ldap_port)
# ldap backend class
class ldap2(CrudBackend):
@@ -127,7 +124,7 @@ class ldap2(CrudBackend):
def __str__(self):
using_cacert = bool(_ldap.get_option(_ldap.OPT_X_TLS_CACERTFILE))
- return get_ldap_url(self._host, self._port, using_cacert)
+ return _get_url(self._host, self._port, using_cacert)
# encoding values from unicode to utf-8 strings for the ldap bindings
@@ -163,8 +160,7 @@ class ldap2(CrudBackend):
for (k, v) in entry_attrs.iteritems():
attr = self._schema.get_obj(_ldap.schema.AttributeType, k)
if attr:
- index = attr.syntax.rindex('.') + 1
- attr_type = _syntax_mapping.get(attr.syntax[index:], unicode)
+ attr_type = _syntax_mapping.get(attr.syntax, unicode)
if attr_type is unicode:
entry_attrs[k] = self._decode_values(v)
elif isinstance(v, (list, tuple)):
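Review bot: `_syntax_mapping.get(attr.syntax, unicode)` falls back to `unicode` for every key missing from the table, which includes `attr.syntax` being `None`; I believe python-ldap reports `None` for an attribute type that inherits its syntax through SUP, but that should be confirmed. The removed `rindex` line would have raised on such a value, whereas the new line silently sends it to `_decode_values`, which is wrong for a binary attribute defined that way and may fail on bytes that are not valid UTF-8. Consider resolving the syntax from the superior attribute type before the lookup, or at least adding a comment such as `# attr.syntax may be None for inherited syntaxes; those values are decoded as text`. The enclosing method starts and ends outside this hunk.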
@@ -198,7 +194,7 @@ class ldap2(CrudBackend):
# if we don't have this server's schema cached, do it now
if self._host != api.env.ldap_host or self._port != api.env.ldap_port:
- self._schema = load_schema(self._host, self._port)
+ self._schema = _load_schema(self._host, self._port)
if tls_cacertfile is not None:
_ldap.set_option(_ldap.OPT_X_TLS_CACERTFILE, tls_cacertfile)